See 4.3.10 and 4.3.11 for a description of this threat.

OPC UA Client applications counter the use of rogue Servers by validating Server ApplicationInstanceCertificates. A rogue Server could still present a Certificate copied from a trusted OPC UA Server, but it does not possess the corresponding Private Key (which is never distributed). Without that Private Key it cannot decrypt Messages that the Client secured with the Certificate's Public Key, so it can never read or misuse secured data sent by a Client, and it can never sign a response Message to the Client.

If communication is secured using ECC, the Client would refuse to establish a SecureChannel with the rogue Server. If a rogue Server attempted to hijack a running connection, it would not be able to generate signed Messages for the Client. OPC UA Subscriber applications counter the effect of a rogue Publisher by validating the signature on the published Messages.
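The Private Key argument above, as an added example that is not part of this specification or any OPC UA stack: the Client verifies a response with the Public Key taken from the trusted Certificate, so a rogue that holds only the Certificate cannot produce a response the Client accepts. It assumes a self-signed certificate as a stand-in for a trust-list entry and RSA PKCS#1 v1.5 over SHA-256 as a stand-in for the signature algorithm of the negotiated SecurityPolicy.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"math/big"
	"time"
)

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// selfSignedCert builds a minimal self-signed ApplicationInstanceCertificate for key (constructed for this example).
func selfSignedCert(key *rsa.PrivateKey) *x509.Certificate {
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), NotBefore: time.Now(), NotAfter: time.Now().Add(time.Hour)}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key))
	return must(x509.ParseCertificate(der))
}

// signResponse is the Server side: signing a response Message needs the Private Key.
func signResponse(key *rsa.PrivateKey, msg []byte) ([]byte, error) {
	digest := sha256.Sum256(msg)
	return rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, digest[:])
}

// clientAccepts is the Client side: the signature is checked with the Public Key from the trusted Certificate only.
func clientAccepts(trusted *x509.Certificate, msg, sig []byte) bool {
	pub, ok := trusted.PublicKey.(*rsa.PublicKey)
	digest := sha256.Sum256(msg)
	return ok && rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig) == nil
}

// RogueCannotSign replays the scenario: the rogue presents the trusted Certificate but holds only its own key.
func RogueCannotSign() (bool, bool) {
	genuineKey := must(rsa.GenerateKey(rand.Reader, 2048)) // never leaves the genuine Server
	rogueKey := must(rsa.GenerateKey(rand.Reader, 2048))   // the only key the rogue can have
	cert := selfSignedCert(genuineKey)                      // the entry in the Client's trust list
	msg := []byte("ReadResponse{value=42}")                 // constructed sample response body
	genuineOK := clientAccepts(cert, msg, must(signResponse(genuineKey, msg)))
	return genuineOK, clientAccepts(cert, msg, must(signResponse(rogueKey, msg)))
}
```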